Abuse victims’ data stolen in ransomware attack on Derry company

17 Apr 2023

Image: © RareStock/Stock.adobe.com

Evide said it notified the police when it became aware that its systems had been breached. The attack is now subject to a criminal investigation.

Evide, a Derry-headquartered IT company that helps non-profits manage their data, has been targeted by cybercriminals.

The company reported it had been attacked last month. It manages the data of around 140 non-profits based across the island of Ireland and the UK.

RTÉ News reported that up to nine organisations in the Republic of Ireland have had their data stolen, and that at least four of those charities work with survivors of abuse.

RTÉ News also reported that a ransom has been sought, however no ransom has been paid. As yet, none of the sensitive, personal data has been published on online forums.

The ransomware attack is currently the subject of a criminal investigation by the Police Service of Northern Ireland (PSNI).

Evide confirmed to SiliconRepublic.com that it notified the police when it became aware that its systems had been breached. It also engaged with cybersecurity professionals to try and contain the attack.

“We recently became aware of an incident when unusual traffic was detected on our network. As soon as we became aware that a third party had accessed our systems we immediately contacted the PSNI and engaged the services of experienced cybersecurity specialists to assist us to contain the issue, support recovery efforts, and conduct a thorough investigation,” the company said in an emailed statement.

“We have provided notifications to all relevant stakeholders and clients and also notified the relevant authorities, including the Police Service of Northern Ireland who notified An Garda Síochána.”

Among the charities that were affected by the attack was One in Four, a Dublin-based organisation that works with adults who have experienced childhood sexual abuse and their families.

One in Four’s CEO Maeve Lewis told RTE’s Morning Ireland programme that it has contacted up to 500 people whose data may have been stolen as a result of the attack. She said the charity will be operating a helpline for victims concerned about their information security.

Also commenting on the attack, Oz Alashe, CEO of CybSafe, said “This disappointing news is a reminder that the charity sector and its third-party suppliers are not immune from malicious actors, despite the fantastic work they do.”

“Charities and suppliers are often seen as a gold mine for cyber criminals, as they prioritise funding on frontline charitable work rather than into defences against cyberthreats.”

Alashe said that this story serves as a reminder that charities must look beyond their front door when it comes to security, ensuring their third-party partners’ employees are taking cybersecurity seriously.

“It is crucial that organisations emphasise the significance of cybersecurity across all of their partnerships. People are the first and last line of defence in safeguarding this crucial data. Focusing on specific security behaviours that make individuals vulnerable to attacks, and promoting positive cooperation has the potential to reduce organisational risk. Otherwise, the organisations that exist to help the most vulnerable, will continue to be vulnerable themselves.”

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Blathnaid O’Dea was a Careers reporter at Silicon Republic until 2024.